An Introduction to Modern Defense Strategy

HUMAN has been disrupting the economics of cybercrime for 10 years, and we do that using modern defense strategy. It fuels our Human Defense Platform and is the reason behind takedowns like 3ve, Pareto, Scylla and recently, VASTFLUX.

But you’re probably asking, “what is modern defense strategy?” Let’s dive into it!

Modern defense strategy has three pillars: visibility, network effect, and disruptions and takedowns. We believe that these pillars are the keys to disrupting the organized cybercrime ecosystem that funds the fraudulent behavior we see across the internet.

The Sopranos of Cybercrime

I imagine there’s far less gabagool in the underbelly of the internet, but the principles of organized crime remain: A pseudo-company working to take advantage of unknowing humans. At HUMAN, we’ve seen how organized cybercriminal groups have engaged in the bot economy to level-up. 

Malicious bots are nothing new. They scoop up concert tickets, shoes, ad revenue - the list goes on. Today, 77% of cyberattacks are bot-based. The modern bot problem has come a long way from the click farms of yesterday’s attacks, they’ve allowed cybercriminal organizations to scale and operate just like most (non-criminal) organizations do: 

  • There’s full time staff to keep the scheme going

  • Botnets can be leased or franchised out like any of today’s SaaS products

  • They have customer success teams operating in encrypted chat rooms with custom services and 24/7 support because customer service is important even to fraudsters

  • Even everyday users can turn to more accessible marketplaces to purchase hard-to-get products

While we’re doing our work on this side of the internet, they’re on the dark web using sophisticated bots to mimic human behavior. Most modern bots don’t come from click farms, they come from our own malware-infected devices. 

The Role of Modern Defense Strategy

To take down these organizations, we need to think like they do - work together and come from all angles to defend our digital businesses while making it expensive for them to continue their operations. This is the underlying concept of modern defense strategy: increase the cost of attacks while simultaneously decreasing the cost of collective protection - aka the cost of defense. This is how we do it:

1. Visibility

Visibility is quite literally what we can observe around the internet. We verify the humanity of 20 trillion (that’s nine zeros!) every week, included in that number is 85% of the programmatic advertising ecosystem we observe and protect. Additionally, we observe 3 billion unique devices, which accounts for more than half of all devices on the internet every month. Those insights inform the decisions our platform makes. A detection event for one becomes a protection event for all.

2. Network Effect

Network effect is how we connect the dots of fraud schemes and collectively protect different corners of the internet. Since we work with many different industries and disciplines (e-commerce, brands, marketing, advertising), we’re able to safeguard all from evolving threats. But we can’t do it alone. With the help of industry leaders who participate in the Human Collective and public-private collaborative efforts, we are able to expand our network and bolster our collective protection capabilities.

3. Disruptions & Takedowns

The HUMAN Satori Threat Intelligence & Research team is the brains behind our disruption machine. They’re a team of threat hunters, reverse engineers, and data scientists who uncover fraud operations across the internet. When we do this, we cut off a revenue stream from fraudsters and make attacks much more costly than the money gained. Cross-industry collaboration from our customers is vital here. 

All of this together becomes the fuel for our Human Defense Platform’s decisions. Suddenly, there’s a real threat to these organized cybercriminal organizations. 

Modern Defense Strategy in Practice

While this sounds great in theory, it’s much more impactful in action. Recently the Satori team uncovered and took down a sophisticated ad fraud operation we dubbed VASTFLUX. This was the largest operation we’ve ever uncovered with its per day volume peaking at 12 billion fraudulent bid requests and ran inside apps across 11 million devices. 

This fraud scheme was particularly sophisticated in that the operators purposely evaded ad verification tags in an attempt to go unnoticed. This adaptation allowed them to continue making money, until our Satori team found them and fully disrupted their scheme. Ultimately, we worked with our customers and the Human Collective to orchestrate a private takedown of VASTFLUX. 

Let’s break it down:

  • By using our visibility, we were able to flag discrepancies. The Satori team pulled on the thread, leading to a massive ad fraud scheme. 
  • With our network effect, we were able to deploy protections for all of our customers through the Human Defense Platform. 
  • And while we did that, we disrupted and took down the operation.

Modern defense strategy is how we won against these fraudsters. And when we win, the whole ecosystem wins. That’s modern defense strategy at work.

An abrupt ending, worthy of a Soprano.